Your Operating System Wants Your ID
California just passed a law that forces every operating system to ask your age during setup. Not your app. Not a website. Your device itself.
The law is called the Digital Age Assurance Act (A.B. 1043). It takes effect in 2027. It requires operating systems to sort users into age brackets: under 13, 13 to 15, 16 to 17, or 18 and older. That bracket gets shared with every app you install, on request, indefinitely.
Colorado and Illinois are drafting similar bills. The UK already pushed Apple into OS-level age checks on iPhones. Australia banned under-16s from social media entirely.
This is not about protecting children from harmful content. That goal is real and worth pursuing. This is about where the identity check lives. Moving it into the operating system turns your device into a permanent credential. Every app on it inherits that credential. No opt-out.
How it works
Age verification used to be a website problem. A site hosting adult content would ask you to confirm your age before letting you in. The check stayed between you and that site.
A.B. 1043 moves the check to your operating system. When you set up a new device or create an OS account, the system collects your date of birth or age. It assigns you to a bracket. Apps can then query the OS for that bracket through an API. They do not need to verify you themselves.
The law treats this age bracket signal as giving the app "actual knowledge" of whether a user is a minor. That legal framing matters. Under California's Age-Appropriate Design Code, knowledge of a minor user triggers additional compliance obligations. So app developers who receive a "minor" signal face a choice: build expensive age-gated features, or block minors entirely.
Most will block. The EFF calls this outsourced censorship. Developers lean into over-restriction because the liability risk of under-restriction is too high.
Who controls the signal
Apple and Google run the operating systems on 99% of the world's mobile devices. If age verification becomes an OS function, these two companies become the gatekeepers for identity signals across millions of apps.
Developers lose the ability to decide how they verify users. They must trust Apple or Google's classification. They must accept whatever interpretation of the law these companies bake into their systems. There is no alternative infrastructure to query.
This entrenches existing power. Apple and Google already control app distribution, payment processing, and policy enforcement. Adding identity verification to that stack makes it harder for competitors to build alternative platforms. Developers who want to reach users on mobile have no choice but to comply.
The surveillance ratchet
Once an operating system can verify and transmit identity attributes like age, the same mechanism can transmit other attributes. Political affiliation. Religious identity. Citizenship status. The infrastructure does not care what data it carries.
China already requires real-name registration for app store accounts. Russia has ordered Apple and Google to remove apps from their stores. These systems were built for compliance. Age verification infrastructure, once deployed globally by Apple and Google, could be extended to serve any government requirement.
The Proton blog documented this pattern in March 2026: "Systems built for age verification could become a foundation for wider forms of control."
Shared devices, broken assumptions
A.B. 1043 assumes one person per device. That assumption is wrong. Low-income households share devices across family members. A tablet registered by a parent sends an "adult" signal when a 10-year-old uses it. A phone set up by a teenager sends a "minor" signal when their parent borrows it.
The EFF flagged this directly: these laws "create unnecessary and unconstitutional barriers for adults and young people to access information and express themselves online," especially when family members of varying ages share devices.
There is no technical solution to this within the OS-level model. Multi-user profiles exist on some platforms but are rarely used on phones. The age signal will be wrong for a large percentage of actual users.
Open-source developers under fire
A.B. 1043 applies to all operating systems and app stores. That includes Linux distributions. An independent developer maintaining a small app faces the same compliance requirements as Apple.
The law does not distinguish between a volunteer-maintained open-source project and a trillion-dollar corporation. Both must implement age bracket collection. Both face liability from the California Attorney General if they do not.
TechRadar reported that Linux distributions are directly in the firing line. The law's broad definition of "operating system" could capture any software that runs applications on a computing device.
This concentrates power further. Only companies with legal teams and compliance infrastructure can absorb these mandates. Everyone else gets squeezed out.
Breach risk is real
Centralizing age data creates a high-value target. Discord's age verification system has already been compromised, with attackers accessing thousands of government-issued IDs.
Moving this data to the OS level does not reduce the risk. It increases it. A breach of Apple's or Google's age verification database would expose identity information for billions of accounts. The data is more valuable than a single website's user list because it connects a verified identity to every app and service a person uses.
| Verification method | Risk | Data exposed on breach |
|---|---|---|
| Website self-declaration | Low | Nothing (no data collected) |
| ID upload to website | High | Government ID for that site |
| OS-level age bracket | Critical | Identity linked to all app usage |
| Biometric (facial scan) | Critical | Biometric data (irreplaceable) |
The global picture
What you can do
You cannot opt out of a law. But you can choose devices and operating systems that limit what identity data gets collected and transmitted.
GrapheneOS
GrapheneOS is an open-source Android fork built for privacy. It runs on Google Pixel hardware but strips out Google's identity infrastructure by default. Google Play Services, which would be the natural integration point for OS-level age verification on Android, runs as a sandboxed app with no special system privileges.
This means age verification signals cannot be enforced at the system level. Apps can request age data from the OS and get nothing back. GrapheneOS also provides per-app network toggles, sensor permission controls, and storage scoping that limit what any app can collect.
The trade-off: it only runs on Pixel devices, and it requires technical comfort to install and maintain.
Linux on desktop
A.B. 1043's broad language technically covers Linux distributions. In practice, enforcing age verification on Debian or Fedora would be nearly impossible. These are community-maintained projects with no central company to sue. The law may apply on paper, but compliance mechanisms do not exist for decentralized operating systems.
If you use a desktop for anything age-gated, a Linux distribution is the path of least surveillance.
Compartmentalize
Use a dedicated privacy phone for sensitive activity. Keep your identity-verified device for banking and work. Run a VPN on both. Use surveillance-resistant phone numbers where possible.
The more your identity is consolidated into a single device credential, the more valuable that credential becomes to attackers and governments. Spread your identity across systems that do not talk to each other.
The real alternative
The EFF has been consistent: the answer to child safety online is data privacy legislation, not age gates. A law that restricts what companies can collect about everyone, including children, addresses the actual harm without building surveillance infrastructure.
Data minimization rules would prevent platforms from building detailed profiles of minors in the first place. No profile means no targeted content, no behavioral manipulation, no data to breach.
Age verification does the opposite. It creates more data, concentrates it in fewer places, and gives governments a mechanism to control access to information. The stated goal is child safety. The actual result is identity infrastructure that serves whoever controls it.
Frequently Asked Questions
What is OS-level age verification?
OS-level age verification requires your device operating system (iOS, Android, Windows) to collect your age during account setup and share that information with every app you use. Instead of individual websites checking your age, your device becomes a permanent identity checkpoint.
Which countries require OS-level age checks?
California passed the Digital Age Assurance Act (A.B. 1043) taking effect in 2027. Colorado and Illinois have similar bills under consideration. The UK has pushed Apple to implement OS-level age verification on iPhones. Australia passed a social media minimum age law in 2024 requiring platforms to verify users are over 16.
Does GrapheneOS bypass age verification?
GrapheneOS does not include Google Play Services by default, which removes the identity infrastructure that OS-level age checks rely on. It runs sandboxed Google Play as an unprivileged app, so age signals cannot be enforced at the system level. It only supports Google Pixel devices.
Can age verification data be breached?
Yes. Discord has already had attackers gain access to thousands of government IDs submitted through its age verification system. Centralizing age data at the OS level creates a single high-value target. A breach of Apple or Google age records would expose identity data for billions of users.
What does the EFF say about OS-level age verification?
The Electronic Frontier Foundation opposes age-gating the internet. They argue these mandates create unconstitutional barriers to information access, hurt small and open-source developers, and that no available age verification method adequately protects private information while providing universal access.